Social Engineering

And cyber security

Why does this matter?

A (very) brief history of hacking

Predominantly for good!

❣️

UNIX came from hacking

🎉

1960s

A (very) brief history of hacking

First actual hackers!

👩‍💻

1970s

A (very) brief history of hacking

More computers => more hackers

☎️

FBI investigate NCSS hack

🕵️‍♂️

Computer viruses - Worms + trojan horses

🦠

Countries pass cyber security laws

✍️

1980s

A (very) brief history of hacking

High profile malicious hacks

🚔

Corporate espionage

👨🏻‍💼

Digital bank heist

🏦

1990s

A (very) brief history of hacking

Commoditisation of hacking

🏭

Every big name suffered DDoS attacks

🌐

ISS hacked

🛰

2000s

How we protect ourselves

Regular penetration testing

🕵️‍♂️

OWASP top 10

📜

Infrastructure hardening

🛠

Using high-quality, well-tested standards

✍️

So we're safe... right?

Social engineering

Exploits...

Authority
Liking
Obligation
Reciprocation
Social Validation
Scarcity

Social engineering - common vectors

Phishing

Social engineering - common vectors

Pretexting

"Hi, I'm calling about your account with X, I just need to confirm some things about your recent order. I just need to confirm your identity - could you please tell me your date of birth...?"

Social engineering - common vectors

Baiting

Social engineering - common vectors

Tailgating

Why are we talking about this now?

Why are we not more worried?

How can we prevent social engineering attacks?

Be mindful + skeptical

☎️

Never give out sensitive info

📜

Use a password manager and MFA

📋

If you're unsure whether you should or can do something, check with someone else

✍️

Quick checklist

Am I using common sense?

🤔

Am I being put on the spot?

🎯

Do I even know who this person is?

🕵️

Is this too much information?

📊

Security

By hewingram
